AN INTRODUCTION TO BOSE-CHAUDHURI-HOCQUENGHEM CODES


I. INTRODUCTION 

Bose-Chaudhuri-Hocquenghem codes are the most efficient class of algebraic
block codes known for correcting random errors. These codes encompass
a wide range of rate and error-correcting capability. They were discovered
by Hocquenghem [14] in 1959 and independently by Bose and Chaudhuri [6, 7]
in 1960 as a constructive proof that binary block codes of length $2^m - 1$ exist
that correct t errors with at most mt parity check symbols. The Reed-Solomon,
Golay, and well known Hamming codes belong to this class. The first decoding
procedure for binary codes was discovered by Peterson [17] in 1960. A generalized
method for decoding both binary and non-binary codes was found soon
afterwards by Gorenstein and Zieler [25, 26]. By taking advantage of the
cyclic nature of BCH codes, Chien [9] in 1964 proposed a decoding procedure
for binary codes resulting in increased speed and decreased complexity for
special purpose decoding computers, and in 1965 Massey [15] discovered a
step-by-step procedure for decoding both binary and non-binary codes that has
slightly simpler hardware mechanization than Chien's method. The decoding
methods were extended to include erasures as well as errors by Forney [11],
thus improving the performance of the algebraic codes relative to the optimum
probabilistic decoding procedures. The principal advantage of the algebraic
block codes is the simplicity of the coding and decoding algorithms and the
resulting efficiency of implementation.


II. FUNDAMENTAL MATHEMATICAL CONCEPTS 

This report is designed to be a tutorial introduction to the BCH codes. 
These codes are based on the concepts of modern algebra. In this section 
the basic mathematical concepts and definitions necessary for understanding 
and using these codes are introduced. The reader desiring a more complete 
and rigorous presentation should consult Peterson [18] and texts on modern 
algebra. 


Concept 1 arithmetic modulo p 

Given two numbers, b and p , if b is divided by p , the result is a quotient 
q and a remainder r with r less than p. In other words, b can be expressed 
as: 
b = qp + r


The number c = b modulo p , usually written as c = b mod p, is defined to 
be the remainder r when b is divided by p. 


Example 1. 


21 mod 5 = 1 
since 21 = 4 x 5 + 1 


Definition 1. Equivalence classes 

Any numbers having the same remainders with respect to p , are said to be 
equivalent or in the same equivalence class. That is, a = b if a mod p = b 
mod p. 


Example 2. 

All even numbers modulo 2 are equivalent to 0. All odd numbers modulo 2 
are equivalent to 1. 

Example 3. Addition Modulo 2 


(0 + 0) mod 2 = 0 
(0 + 1) mod 2 = 1 
(1 + 1) mod 2 = 0 

Observe that subtraction modulo 2 is equivalent to addition modulo 2 since 
1-1 = 0 . 

Comment: Examples 2 and 3 illustrate the relationship of the binary number 
system to arithmetic modulo 2. 


Concept 2 Polynomials modulo g(x) 

Definition 2. Polynomial of Order n 

A polynomial of order n is an algebraic expression of the form
$f(x) = a_n x^n + a_{n-1} x^{n-1} + \dots + a_1 x + a_0$ where $a_0, a_1, \dots, a_n$
are fixed numbers and x is an indeterminate.

Given two polynomials f (x) and g (x) the result of dividing f (x) by g (x)
is a quotient q (x) and a remainder r (x) of order less than g (x). That is, f (x)
can be written as:


f (x) = q (x) g (x) + r (x) 


Definition 3. f (x) mod g (x) 


f (x)mod g (x) is defined to be the remainder r (x). Polynomials having 
the same remainder are said to be equivalent or in the same equivalence 
class. 


Example 4. $(x^3 + x^2 + 1) \bmod (x + 1)$


          x^2
        ---------------
x + 1 ) x^3 + x^2 + 1
        x^3 + x^2
        ---------------
                      1


$q(x) = x^2$, $r(x) = 1$


so that


$x^3 + x^2 + 1 = x^2 (x + 1) + 1$


and


$(x^3 + x^2 + 1) \bmod (x + 1) = 1$


Concept 3 Group 
Definition 4. Group 

A group is a collection of elements $a_1, a_2, a_3, \dots$ and an operation denoted
by $\cdot$ such that the following axioms are satisfied:

1. Closure

For any two elements $a_1$ and $a_2$ in the group, $a_1 \cdot a_2$ is in the group.

2. Associative Law

$a_1 \cdot (a_2 \cdot a_3) = (a_1 \cdot a_2) \cdot a_3$

3. Identity element

The group contains a unique element I such that $a \cdot I = I \cdot a = a$ for
all a in the group.

4. Inverses

For each element $a_i$, the group contains an inverse element $a_i^{-1}$ such that

$a_i \cdot a_i^{-1} = a_i^{-1} \cdot a_i = I$

If for any two elements $a_1 \cdot a_2 = a_2 \cdot a_1$ the group is called commutative or
Abelian. The groups used in describing algebraic codes are Abelian.


Example 5. Additive group of integers modulo 5 

Let the elements of the group be the integers 0, 1, 2, 3, 4, and the operation
$\cdot$ be addition modulo 5 denoted by the symbol ⊕. Then the identity element I = 0
since 0 ⊕ a = a. The addition table and the table of inverses are shown below.

Addition Table

 ⊕ | 0  1  2  3  4
---+---------------
 0 | 0  1  2  3  4
 1 | 1  2  3  4  0
 2 | 2  3  4  0  1
 3 | 3  4  0  1  2
 4 | 4  0  1  2  3


Table of Inverses

  a | 0  1  2  3  4
 -a | 0  4  3  2  1

Example 6. Multiplicative group of integers modulo 5

Let the group elements be 1, 2, 3, 4, and the operation $\cdot$ be multiplication
with the result reduced modulo 5. Then the identity I = 1.

Multiplication Table 



Table of Inverses

      a | 1  2  3  4
 a^{-1} | 1  3  2  4


Note: It can be shown [18] that the integers 1, 2, . . . , p- 1 , where p is a prime 
number, and the operation, multiplication modulo p , form a group. 


Definition 5: Order of a Group 

The order of a group is the number of elements in the group. 

Definition 6: Powers of elements 

$a^0 = I$
$a^2 = a \cdot a$
$a^3 = a \cdot a \cdot a = a^2 \cdot a$
etc.

Definition 7. Order of an element

The order of an element is the smallest nonzero integer e such that $a^e = I$.
It can be shown that the order of an element always divides the order of the 
group. 

Example 7. 

The order of the group in Example 6 is 4. The order of the various elements 
will now be determined. 

$1^1 = 1$ so $e_1 = 1$
$2^2 = 4$, $2^3 = 8 = 3$, $2^4 = 16 = (3 \times 2) = 1$ so $e_2 = 4$
$3^2 = 9 = 4$, $3^3 = 12 = 2$, $3^4 = 6 = 1$ so $e_3 = 4$
$4^2 = 16 = 1$ so $e_4 = 2$

Thus the order of each element divides 4, the order of the group. Notice 
that the powers of the elements 2 and 3 generate all the other elements of the 
group. 

Definition 8: Primitive element 

An element, a , whose powers generate all the group elements is called a 
primitive element. It can be shown that every group contains at least one 
primitive element. 

Definition 9: Subgroup 

A subgroup is a set of elements taken from a group satisfying all the group 
axioms. 

Example 8 

The elements 1, 4 form a subgroup of the group in Example 6. 

Concept 4 Field


Definition 10: A field is a set of elements closed under addition (+) and
multiplication ($\cdot$) which satisfy the following axioms:

1. The set of elements is an Abelian group under addition. 

2. The set of nonzero elements form an Abelian multiplicative 
group. 

3. The distributive law applies: a (b + c) = ab + ac 

Example 8 

1. The real numbers form a field with ordinary arithmetic. 

2. The numbers 0, 1 form a field under arithmetic modulo 2. 

3. The numbers 0, 1, 2, 3, 4, form a field under arithmetic modulo 5. 

4. It can be shown that the integers 0, 1, ... , p -1 where p is a prime 
number form a field under arithmetic modulo p . 

Definition 11: Galois Field 

A field containing a finite number of elements p is called a Galois field. 
These will be denoted as GF (p). 

Concept 5 Polynomial over a field 
Definition 12: An expression of the form

$f_n x^n + f_{n-1} x^{n-1} + \dots + f_0$

is called a polynomial of order n over GF (p) if the coefficients $f_0, f_1, \dots, f_n$
are all elements of GF (p) and $f_n \neq 0$. GF (p) is called the ground
field.

Addition and multiplication of polynomials are performed according to the 
ordinary rules except that the coefficients are found using arithmetic modulo p . 
Therefore if 

$f(x) = \sum_{i=0}^{n} f_i x^i$

and

$g(x) = \sum_{i=0}^{n} g_i x^i$

then

$f(x) + g(x) = \sum_{i=0}^{n} [(f_i + g_i) \bmod p] \, x^i$

f ( x ) g 


<->= L 




mod p 


x 1 


Example 9. Polynomials over GF (2) 

Let the ground field be GF (2) with elements 0 and 1. Let $f(x) = x^2 + 1$ and
$g(x) = x^3 + x^2 + 1$. Then $f(x) + g(x) = x^3 + (1 + 1) x^2 + (1 + 1) = x^3$ and

            x^3 + x^2 + 1
                  x^2 + 1
-------------------------
x^5 + x^4       + x^2
            x^3 + x^2 + 1
-------------------------

$f(x) g(x) = x^5 + x^4 + x^3 + 1$.


Definition 13. Irreducible Polynomial 

A polynomial f (x) is irreducible over GF (p) if it cannot be expressed as
the product of two polynomials g (x) and h (x), each of degree at least one,
with coefficients in GF (p).


Example 10:

In GF(2), $x^2 + 1 = (x + 1)^2$ is not irreducible while $x^2 + x + 1$ cannot be expressed
as the product of two polynomials over GF(2) and is therefore irreducible.

Comment: Given a polynomial g (x) over GF (p) of order n and a polynomial
f (x) over GF (p) of arbitrary order, f (x) mod g (x) was defined in Concept 2 to be
the remainder when f (x) is divided by g (x). Therefore f (x) mod g (x) is the
n - 1 order polynomial $r(x) = r_{n-1} x^{n-1} + \dots + r_0$.

For fixed g (x) and arbitrary f (x), r (x) can be $p^n$ different polynomials since
$r_0, r_1, \dots, r_{n-1}$ can each be any one of the p elements of GF (p). It can be
seen that these $p^n$ polynomials form an additive group. If g (x) is irreducible
it can be shown [18] that the $p^n - 1$ nonzero polynomials form a multiplicative
group if multiplication is performed modulo g (x). Therefore under the operations
of polynomial addition and polynomial multiplication modulo g (x) with all
coefficients determined using arithmetic modulo p, the $p^n$ polynomials of order
n - 1 form a field when g (x) is irreducible. Therefore these $p^n$ polynomials
are the elements of a Galois field $GF(p^n)$. It is convenient for polynomial addition
to represent the elements $r(x) = r_{n-1} x^{n-1} + \dots + r_0$ of $GF(p^n)$ by the n dimensional
vector $r = [r_0, r_1, \dots, r_{n-1}]$. This notation will be used interchangeably
with the polynomial form.


Example 11. 


Let the base field be GF(2) and $g(x) = x^3 + x + 1$. It can be shown that g (x)
is an irreducible polynomial so that the field generated by polynomials modulo
g (x) has order $2^3 = 8$. It is instructive to examine the elements $x^k \bmod g(x)$
for k = 0, 1, . . . . The table below was generated by dividing $x^k$ by g (x) to find
the remainder r (x).



As stated previously the nonzero elements of $GF(2^3)$ must form a multiplicative
group of order 7. From the table it can be seen that the powers of the element
x generate all the elements of this group. Therefore x is a primitive element.
The polynomial g(x) is called a primitive polynomial. Also observe that $x^7 = 1$.
It can be shown that for any element, a, of a group of order e, $a^e = 1$. To find
the inverse element of any member of the group observe that $x^i x^j = x^{i+j} = 1$
if i + j = 7 so that $[x^i]^{-1} = x^{-i} = x^j$. For example, from the table it is observed
that $x^3 = 1 + x$ and $x^4 = x + x^2$ so that $x^3 \cdot x^4$ should be 1. Multiplying
gives:


    1 + x
    x + x^2
    -----------------
    x + x^2
        x^2 + x^3
    -----------------

$x^3 \cdot x^4 = x + x^3$


and reducing $x + x^3$ modulo g (x)

                1
              -----------
x^3 + x + 1 ) x^3 + x
              x^3 + x + 1
              -----------
                        1

shows that the remainder is 1 as expected.

Concept 6 Roots and Extension Fields 
Definition 14: Root of a Polynomial 

Given a polynomial f (x), any element $\alpha$ such that $f(\alpha) = 0$ is called a root
of f (x).

If $\alpha$ is a root of f (x) then $x - \alpha$ must be a factor of f (x), i.e., $f(x) = (x - \alpha) h(x)$.

The roots of a polynomial over GF(p) may or may not belong to GF(p). This
fact is illustrated by the following two examples.

Example 12. Polynomial over GF (2) with roots in GF(2)

Let $f(x) = x^2 + 1 = (x + 1)^2$. Then clearly f (1) = 0 and 1 is a double
root of f (x) and belongs to GF(2).

Example 13. Polynomial over real numbers with no real roots 

Let $f(x) = x^2 + 1$, then there is no real number, $\alpha$, such that $\alpha^2 + 1 = 0$.
However, if our root field is extended to include complex numbers, then a root
$\alpha$ of f (x) is customarily denoted as $\alpha = i = \sqrt{-1}$. Since $\alpha$ is a root of f(x),


$f(\alpha) = \alpha^2 + 1 = 0$
or $\alpha^2 = -1$


and $\alpha^3 = -\alpha$


and $\alpha^4 = -\alpha^2 = 1$

It should be observed that any complex number c = a + i b is a linear
combination of the powers of the roots of f (x). That is, $c = a \alpha^0 + b \alpha$.

Example 14. Polynomial over GF (2) without roots in GF(2) 

Let $f(x) = x^3 + x + 1$ as in Example 11. Since f (1) = f (0) = 1, f (x)
has no roots in GF(2). Let a root of f (x) in some extension field be abstractly
designated as $\alpha$. Therefore


$f(\alpha) = \alpha^3 + \alpha + 1 = 0$
or $\alpha^3 = \alpha + 1$

Using this relationship for $\alpha^3$, $\alpha^k$ for k = 0, 1, . . . can always be expressed
as a linear combination of $\alpha^0 = 1$, $\alpha$ and $\alpha^2$. For example

$\alpha^4 = \alpha \cdot \alpha^3 = \alpha^2 + \alpha$

$\alpha^5 = \alpha \cdot \alpha^4 = \alpha^3 + \alpha^2 = (\alpha + 1) + \alpha^2 = \alpha^2 + \alpha + 1$ etc.

It is convenient to represent $\alpha^k = c_0 + c_1 \alpha + c_2 \alpha^2$ as a 3 dimensional
vector $\alpha^k = [c_0, c_1, c_2]$ in some cases. A table of the powers of the root
$\alpha$ of f (x) is shown on the following page.

Table

 $\alpha^k$    | $[c_0, c_1, c_2]$
---------------+------------------
 $\alpha^0$    | 1 0 0
 $\alpha^1$    | 0 1 0
 $\alpha^2$    | 0 0 1
 $\alpha^3$    | 1 1 0
 $\alpha^4$    | 0 1 1
 $\alpha^5$    | 1 1 1
 $\alpha^6$    | 1 0 1
 $\alpha^7$    | 1 0 0


The elements $1, \alpha, \alpha^2, \alpha^3, \alpha^4, \alpha^5, \alpha^6$ form a group under multiplication. Since
$\alpha^7 = 1$, $\alpha^i \alpha^j = \alpha^{i+j} = 1$ if i + j = 7. Therefore $[\alpha^i]^{-1} = \alpha^j$ so that each
element has an inverse. For any integer k, $k = q \times 7 + k \bmod 7$ so
$\alpha^k = \alpha^{q \times 7} \alpha^{k \bmod 7} = \alpha^{k \bmod 7}$. Therefore the set of powers of $\alpha$ is closed. From the
table it can be seen that the powers of the root $\alpha$ generate all the elements of
the group so that $\alpha$ is a primitive element.


Definition 15. Primitive Polynomial 

A primitive polynomial is an irreducible polynomial with at least one
primitive root $\alpha$.

It can easily be shown that all linear combinations of 1, $\alpha$, and $\alpha^2$, i.e.,
elements of the form $c_0 + c_1 \alpha + c_2 \alpha^2$ with the coefficients $c_0, c_1, c_2$ taken
from GF (2), form an additive group with $2^3 = 8$ elements. Therefore the roots
generate an extension field $GF(2^3)$.

The reader should compare Example 14 with Example 11. These examples
illustrate the fact that the field corresponding to polynomials modulo $x^3 + x + 1$
is identical with the extension field generated by the root $\alpha$ of $x^3 + x + 1$. This
equivalence is true in general. Given an irreducible polynomial g (x) of degree
n over GF(p) with a root $\alpha$, an arbitrary polynomial f (x) can be expressed on
applying the Euclidean division algorithm as

$f(x) = q(x) g(x) + r(x)$

where the degree of r (x) is less than n.

Substituting $\alpha$ for x gives:


$f(\alpha) = q(\alpha) g(\alpha) + r(\alpha)$

but since $\alpha$ is a root of g (x), $g(\alpha) = 0$ and $f(\alpha) = r(\alpha)$ which is exactly equivalent
to f (x) mod g (x) = r (x) with x replaced by $\alpha$. Therefore either point of
view generates the Galois field $GF(p^n)$.

The result stated in the following theorem is important because it determines 
the block length of the algebraic codes. 

Theorem 1. 

A primitive polynomial g (x) of order n over GF (p) divides $x^{p^n - 1} - 1$.

Proof:

Any root $\alpha_i$ of g (x) generates an extension field of GF (p) with $p^n$ elements.
The set of $p^n - 1$ nonzero elements form a multiplicative group. Therefore
$\alpha_i^{p^n - 1} = 1$ or $\alpha_i^{p^n - 1} - 1 = 0$ for i = 1, . . . , n since $p^n - 1$ is the order of the
multiplicative group. Thus each root of

$g(x) = \prod_{i=1}^{n} (x - \alpha_i)$

is also a root of $x^{p^n - 1} - 1$ so g (x) must divide $x^{p^n - 1} - 1$.

QED

If g (x) is irreducible but not primitive, its roots will generate an extension
field of order $e < p^n$ so that g (x) will divide $x^{e - 1} - 1$. These polynomials
are useful for generating codes of length e - 1. It should be observed that g (x)
will still divide $x^{p^n - 1} - 1$ since its roots form a subfield of $GF(p^n)$.

The following theorem and corollary are important in finding the generator 
polynomials (which will be defined later) for BCH codes. 

Theorem II


Given a polynomial

$f(x) = \sum_{i=0}^{n} f_i x^i$

over GF (p),

$[f(x)]^p = f(x^p)$.


Proof:

First consider the case where n = 1. Then according to the binomial theorem

$(f_0 + f_1 x)^p = \sum_{r=0}^{p} \binom{p}{r} f_0^r (f_1 x)^{p-r} = f_0^p + f_1^p x^p$

since

$\binom{p}{r} = \frac{p!}{r! \, (p-r)!}$

is divisible by p except when r = 0 or p. Since the coefficients $f_i$ are elements
of GF(p), $f_i^p = f_i$ so that

$(f_0 + f_1 x)^p = f_0 + f_1 x^p$

Now let f (x) be an n th order polynomial and assume the theorem is true for
n - 1 th order polynomials. Then

$f(x) = \sum_{i=0}^{n} f_i x^i = \sum_{i=0}^{n-1} f_i x^i + f_n x^n$

and

$[f(x)]^p = \left[ \sum_{i=0}^{n-1} f_i x^i + f_n x^n \right]^p = \left[ \sum_{i=0}^{n-1} f_i x^i \right]^p + f_n^p x^{pn} = \sum_{i=0}^{n} f_i (x^p)^i = f(x^p)$


Q.E.D.


Corollary 1. 

If $\alpha$ is a root of the polynomial f (x) over GF (p), then $\alpha^p$ is also a root.

Proof:

According to Theorem II


$[f(x)]^p = f(x^p)$


so that


$[f(\alpha)]^p = 0 = f(\alpha^p)$


Q.E.D. 


Definition 16: Monic Polynomial 

A polynomial with unity as the coefficient of its highest order term is called 
a monic polynomial. 


Definition 17: Minimum Polynomial 

Let $\beta$ be an element of an extension field $GF(p^n)$. The monic polynomial
m (x) of smallest degree over GF(p) such that $m(\beta) = 0$ is called the minimum
polynomial of $\beta$. It can be shown [18] that the degree of m (x) is n or less.
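
Example 15

Consider the extension field $GF(2^3)$ discussed in Example 14. Since $\alpha$ is a
root of $f(x) = x^3 + x + 1$, according to Corollary 1, $\alpha^2$ and $(\alpha^2)^2 = \alpha^4$ must
also be roots of f (x). Notice that $(\alpha^4)^2 = \alpha^8 = \alpha$. Therefore $\alpha$, $\alpha^2$, and $\alpha^4$ are
the three roots of f (x) so that $f(x) = (x - \alpha)(x - \alpha^2)(x - \alpha^4)$. Using the table
of Example 14,

$f(\alpha^2) = \alpha^6 + \alpha^2 + 1 = \begin{bmatrix} 1 \\ 0 \\ 1 \end{bmatrix} + \begin{bmatrix} 0 \\ 0 \\ 1 \end{bmatrix} + \begin{bmatrix} 1 \\ 0 \\ 0 \end{bmatrix} = \begin{bmatrix} 0 \\ 0 \\ 0 \end{bmatrix}$

and

$f(\alpha^4) = \alpha^{12} + \alpha^4 + 1 = \alpha^5 + \alpha^4 + 1 = \begin{bmatrix} 1 \\ 1 \\ 1 \end{bmatrix} + \begin{bmatrix} 0 \\ 1 \\ 1 \end{bmatrix} + \begin{bmatrix} 1 \\ 0 \\ 0 \end{bmatrix} = \begin{bmatrix} 0 \\ 0 \\ 0 \end{bmatrix}$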

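The minimum polynomial $m_3(x)$ for $\alpha^3$ will now be found. According to
Corollary 1 $\alpha^6$, $\alpha^{12} = \alpha^5$, $\alpha^{10} = \alpha^3$ must be roots of $m_3(x)$. Therefore
$m_3(x) = (x - \alpha^3)(x - \alpha^6)(x - \alpha^5) = [x^2 - (\alpha^3 + \alpha^6) x + \alpha^9](x - \alpha^5)$
$= x^3 - (\alpha^3 + \alpha^5 + \alpha^6) x^2 + (\alpha^8 + \alpha^9 + \alpha^{11}) x - \alpha^{14}$.

According to the table

$\alpha^3 + \alpha^5 + \alpha^6 = \begin{bmatrix} 1 \\ 1 \\ 0 \end{bmatrix} + \begin{bmatrix} 1 \\ 1 \\ 1 \end{bmatrix} + \begin{bmatrix} 1 \\ 0 \\ 1 \end{bmatrix} = \begin{bmatrix} 1 \\ 0 \\ 0 \end{bmatrix}$

$\alpha^8 + \alpha^9 + \alpha^{11} = \begin{bmatrix} 0 \\ 1 \\ 0 \end{bmatrix} + \begin{bmatrix} 0 \\ 0 \\ 1 \end{bmatrix} + \begin{bmatrix} 0 \\ 1 \\ 1 \end{bmatrix} = \begin{bmatrix} 0 \\ 0 \\ 0 \end{bmatrix}$

and

$\alpha^{14} = \begin{bmatrix} 1 \\ 0 \\ 0 \end{bmatrix}$

so that

$m_3(x) = x^3 + x^2 + 1$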

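It is instructive to find $m_3(x)$ by an alternate method. Assume that
$m_3(x) = c_0 + c_1 x + c_2 x^2 + x^3$.

Then

$m_3(\alpha^3) = c_0 + c_1 \alpha^3 + c_2 \alpha^6 + \alpha^9 = 0 = c_0 \begin{bmatrix} 1 \\ 0 \\ 0 \end{bmatrix} + c_1 \begin{bmatrix} 1 \\ 1 \\ 0 \end{bmatrix} + c_2 \begin{bmatrix} 1 \\ 0 \\ 1 \end{bmatrix} + \begin{bmatrix} 0 \\ 0 \\ 1 \end{bmatrix} = \begin{bmatrix} 0 \\ 0 \\ 0 \end{bmatrix}$

From the last of the three equations above it is concluded that $c_2 = 1$. From the
second equation $c_1$ is found to be 0 and thus $c_0$ must be 1. Thus $m_3(x) = x^3 + x^2 + 1$
as before.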
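
The power table of Examples 11 and 14 and the minimum polynomials of Example 15 can be reproduced mechanically. The following is an added example, not part of the original report; it also works for other primitive polynomials over GF(2), and the function and class names and the bitmask representation are assumptions made for the illustration.

```python
# Added illustration (not from the report). Elements of GF(2^m) are stored as
# integers whose bit i is the coefficient c_i of alpha^i, i.e. the report's
# vector [c_0, c_1, ..., c_(m-1)]. All names here are hypothetical.

def power_table(g, m):
    """Return [alpha^0, ..., alpha^(2^m - 2)] for g(x) of degree m over GF(2).

    g is a bitmask of coefficients, e.g. x^3 + x + 1 -> 0b1011.
    """
    table, elem = [], 1
    for _ in range((1 << m) - 1):
        table.append(elem)
        elem <<= 1                 # multiply by alpha
        if elem >> m:              # a term alpha^m appeared:
            elem ^= g              # replace it using g(alpha) = 0
    if elem != 1 or len(set(table)) != len(table):
        raise ValueError("g(x) is not a primitive polynomial of degree m")
    return table


def as_vector(elem, m):
    """Bitmask -> [c_0, ..., c_(m-1)], the form used in the report's table."""
    return [(elem >> i) & 1 for i in range(m)]


class Field:
    """GF(2^m); multiplication is done by adding exponents from the table."""

    def __init__(self, g, m):
        self.m = m
        self.exp = power_table(g, m)
        self.n = len(self.exp)                     # group order, 2^m - 1
        self.log = {v: k for k, v in enumerate(self.exp)}

    def mul(self, a, b):
        if a == 0 or b == 0:
            return 0
        return self.exp[(self.log[a] + self.log[b]) % self.n]

    def inverse(self, a):
        # [alpha^i]^-1 = alpha^j with i + j = n
        return self.exp[(-self.log[a]) % self.n]

    def conjugate_exponents(self, k):
        """k, 2k, 4k, ... mod n: the roots forced by Corollary 1 with p = 2."""
        seen, k = [], k % self.n
        while k not in seen:
            seen.append(k)
            k = (2 * k) % self.n
        return seen

    def minimum_polynomial(self, k):
        """Coefficients [c_0, c_1, ...] (lowest order first) for alpha^k."""
        poly = [1]
        for e in self.conjugate_exponents(k):
            root = self.exp[e]
            # poly(x) * (x - root); subtraction equals addition in GF(2^m)
            times_x = [0] + poly
            times_root = [self.mul(c, root) for c in poly] + [0]
            poly = [s ^ t for s, t in zip(times_x, times_root)]
        if any(c > 1 for c in poly):
            raise ArithmeticError("coefficients are not in GF(2)")
        return poly


if __name__ == "__main__":
    gf8 = Field(0b1011, 3)                         # g(x) = x^3 + x + 1
    for k, elem in enumerate(gf8.exp):
        print(f"alpha^{k} = {as_vector(elem, 3)}")
    print("m_1(x) coefficients:", gf8.minimum_polynomial(1))
    print("m_3(x) coefficients:", gf8.minimum_polynomial(3))
```
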


III. CIRCUITS FOR ARITHMETIC IN $GF(p^m)$

Algebraic block codes are attractive because of the simplicity of the digital
equipment necessary for coding and decoding. The simplicity in the case of
binary codes results from the fact that multiplication of elements in $GF(2^m)$ can
be performed instantaneously using logic gates while division is easily performed
with shift registers. Some typical circuits used for $GF(p^m)$ arithmetic are discussed
in this section.

A. Multiplication of Elements of $GF(p^m)$

It was demonstrated in Section II that any element of $GF(p^m)$ can be represented
as a linear combination of the elements $1, \alpha, \alpha^2, \dots, \alpha^{m-1}$ where $\alpha$ is
the root of a primitive polynomial of order m. In decoding BCH codes it is
necessary to find powers and products of elements in $GF(p^m)$. For binary codes
this can be performed readily using logic gates. The technique is illustrated
for $GF(2^3)$ in the following example.

Example 16.


Let $GF(2^3)$ be represented as in Example 14. Let two elements of $GF(2^3)$ be

$c = c_0 + c_1 \alpha + c_2 \alpha^2$
$d = d_0 + d_1 \alpha + d_2 \alpha^2$

Then cd can be found using ordinary multiplication to be

$cd = d_0 c_0 + (d_0 c_1 + d_1 c_0) \alpha + (d_0 c_2 + d_1 c_1 + d_2 c_0) \alpha^2 + (d_1 c_2 + d_2 c_1) \alpha^3 + d_2 c_2 \alpha^4$

But from the table in Example 14

$\alpha^3 = 1 + \alpha$ and $\alpha^4 = \alpha + \alpha^2$

Therefore, after simplification,

$cd = (d_0 c_0 + d_1 c_2 + d_2 c_1) + (d_0 c_1 + d_1 c_0 + d_1 c_2 + d_2 c_1 + d_2 c_2) \alpha + (d_0 c_2 + d_1 c_1 + d_2 c_0 + d_2 c_2) \alpha^2$

The GF (2) equations for the coefficients of cd can easily be translated into a set 
of Boolean equations. These equations can be minimized and the corresponding 
logic network synthesized. 


B. Division of f (x) by g (x) 

The notation of Peterson [18] will be used here. The symbol ⊕ represents
a modulo p adder and the symbol □ represents a storage element of a shift
register. The circuit shown in Figure 1 can be used to divide the polynomial
$f(x) = f_0 + f_1 x + \dots + f_n x^n$ by the polynomial $g(x) = g_0 + g_1 x + \dots + x^m$.
The coefficients of f (x) are applied to the input serially from highest order to
lowest order. The coefficients of the quotient appear serially at the output from
highest to lowest order also. After n shifts the coefficients of the remainder
are left in the shift register with the coefficient of highest order on the right.
The operation of this circuit is analogous to ordinary long division and is explained
in detail in [18] pp. 111-113.



For decoding it is necessary to evaluate $f(\alpha)$ where $\alpha$ is a root of g(x).
Since


$f(x) = q(x) g(x) + r(x)$, $f(\alpha) = r(\alpha)$

and therefore only the remainder r (x) is needed. It is instructive to examine
the operation of the division circuit from the point of finding $f(\alpha)$. Consider the
storage elements of the shift register to contain from left to right the coefficients
of $1, \alpha, \dots, \alpha^{m-1}$. The storage elements are first set to zero. The contents
of the register after the first shift are $f_n$, after 2 shifts are $f_{n-1} + \alpha f_n$ and
after m shifts are $f_{n-m+1} + f_{n-m+2} \alpha + \dots + f_n \alpha^{m-1}$ since feedback occurs only
when the data reaches the last stage of the shift register. At the m + 1 shift
feedback begins to occur. Suppose, for the time being, that the feedback link
was broken and that the register contained additional storage elements. Then
after the m + 1 shift the contents of the register would correspond to

$f_{n-m} + f_{n-m+1} \alpha + \dots + f_{n-1} \alpha^{m-1} + f_n \alpha^m$

However, since $\alpha$ is a root of g (x),

$\alpha^m = -g_0 - g_1 \alpha - \dots - g_{m-1} \alpha^{m-1}$.

Thus the contents of the register with feedback temporarily disabled is equivalent
to

$(f_{n-m} - f_n g_0) + (f_{n-m+1} - f_n g_1) \alpha + \dots + (f_{n-1} - f_n g_{m-1}) \alpha^{m-1}$

which is just the contents of the register if feedback were allowed. In other words,
the feedback replaces $\alpha^m$ by its equivalent in terms of $1, \alpha, \dots, \alpha^{m-1}$. Continuing
this reasoning for n + 1 shifts it is observed that the coefficients of
$f(\alpha) = f_0 + f_1 \alpha + \dots + f_n \alpha^n = r(\alpha)$ remain in the register.

If the input, f (x), to the division circuit is zero and the register contents
correspond to $r(\alpha) = r_0 + r_1 \alpha + \dots + r_{m-1} \alpha^{m-1}$ initially, then after one shift
the register contents correspond to $\alpha r(\alpha)$ or equivalently x r (x) mod g (x).
Therefore, this circuit can be used to count in $GF(p^m)$. If a 1 is initially placed
in the lowest order storage element, then the shift register contents become 1,
$\alpha$, $\alpha^2$, ... as it is shifted.

In some cases it is necessary to calculate $\alpha^k f(x)$ where k is a positive
integer. The division circuit can be modified as shown in Figure 2 to perform
the premultiplication by $\alpha^k$. The operation of the circuit can be described as
follows:

If $x^k \bmod g(x) = a(x)$ then $\alpha^k = a(\alpha) = a_0 + a_1 \alpha + \dots + a_{m-1} \alpha^{m-1}$. After the
first shift the register contents are $f_n \alpha^k$. After the second shift the contents
are $\alpha^{k+1} f_n + \alpha^k f_{n-1}$. Continuing this reasoning it is clear that after n + 1
shifts the register contains $\alpha^k f(\alpha)$ or equivalently $x^k f(x) \bmod g(x)$.

Example 17 

Let $g(x) = x^3 + x + 1$ as in Example 14 and let k = m = 3. Then $\alpha^3 = \alpha + 1$
and the circuit for finding $\alpha^3 f(\alpha)$ is shown in Fig. 3.

Figure 3-Circuit for Finding $\alpha^3 f(x)$


Example 18

Let $g(x) = x^3 + x + 1$ again and k = 5. The circuit for finding $\alpha^5 f(\alpha)$ is
shown in Fig. 4.

Figure 4-Circuit for Finding $\alpha^5 f(x)$


IV. CYCLIC BLOCK CODES 

BCH codes belong to the class of algebraic codes known as cyclic codes. In 
this section cyclic codes are defined and some of their properties explained. 


Definition 18: Least common multiple 

Given the set of integers $e_1, e_2, \dots, e_m$, the least common multiple of
these integers is the smallest number divisible by each of them.

Given a set of polynomials $e_1(x), \dots, e_m(x)$, their least common multiple
is the polynomial of lowest order divisible by all of them.

Let g (x) be a polynomial of order r over GF (p) with roots $\alpha_1, \alpha_2, \dots, \alpha_r$
that are elements of $GF(p^m)$. Let the orders of the roots be $e_1, \dots, e_r$ and let
n be the least common multiple of the orders.

Then

$n = q_1 e_1 = q_2 e_2 = \dots = q_r e_r$

and

$\alpha_i^n = 1$

since

$\alpha_i^n = \alpha_i^{q_i e_i} = (\alpha_i^{e_i})^{q_i} = 1^{q_i} = 1$.

Therefore each root of g(x) is a root of $x^n - 1$ so that g (x) divides $x^n - 1$ and
n is the smallest integer such that $x^n - 1$ is divisible by g (x).

Consider the set of all n - 1 order polynomials of the form

$f(x) = q(x) g(x) \bmod (x^n - 1)$

where g (x) is an arbitrary polynomial over GF (p) and n is the smallest integer
such that $x^n - 1$ is divisible by g (x). It is shown in the following two theorems
that each of these polynomials is divisible by g (x) and that the set is closed
under addition thus forming a linear vector subspace.


Theorem III 

Let n be the smallest integer such that $x^n - 1$ is divisible by g (x). Then
$q(x) g(x) \bmod (x^n - 1)$ is also divisible by g (x).

Proof:

According to the Euclidean division algorithm

$q(x) g(x) = h(x) (x^n - 1) + r(x)$

where h (x) is the quotient and $q(x) g(x) \bmod (x^n - 1) = r(x)$ by definition. Clearly,
g (x) divides the left hand side of this equation, g (x) divides $x^n - 1$ and therefore
it must also divide r (x) if the right hand side is to be divisible by g (x).

Q.E.D. 


Theorem IV 

Let $f_1(x) = q_1(x) g(x) \bmod (x^n - 1)$ and $f_2(x) = q_2(x) g(x) \bmod (x^n - 1)$.
Then $f_1(x) + f_2(x)$ is divisible by g (x).


Proof:

According to the previous theorem both $f_1(x)$ and $f_2(x)$ are divisible by
g (x). Therefore the sum is divisible by g (x).


Q.E.D. 

The set of polynomials $q(x) g(x) \bmod (x^n - 1)$ will be taken as the code
vectors. From the previous two theorems it is clear that these vectors form a
subspace of an n dimension vector space and that each code vector is a multiple
of g (x). g (x) is called the generator polynomial for the code and n is called
the code length.

If r is the order of g (x) it can be shown [18] that the code vectors form
an n-r dimensional subspace. That is, n-r components can be arbitrarily
chosen as information symbols and the remaining r symbols must be check
symbols. In most cases, it is convenient to choose the first n-r components,
i.e., the coefficients of $x^{n-1}, x^{n-2}, \dots, x^r$, as information symbols. Codes
of this type are called systematic codes. Encoding can be performed as follows:

Let the information correspond to the polynomial $I(x) = i_{n-1} x^{n-1} + \dots + i_r x^r$.
Then according to the Euclidean division algorithm

$I(x) = q(x) g(x) + c(x)$

where $c(x) = c_{r-1} x^{r-1} + \dots + c_0$ is the remainder when I (x) is divided by g (x).
Therefore

$q(x) g(x) = I(x) - c(x) = i_{n-1} x^{n-1} + \dots + i_r x^r - c_{r-1} x^{r-1} - \dots - c_0$

is a code word with the information symbols appearing first. The encoding can
be performed by dividing I (x) by g (x) to find c (x) using the circuits discussed
in the previous section. The reader desiring a more complete discussion and
alternate circuits should consult Peterson [18].

Given any code word

$f(x) = f_{n-1} x^{n-1} + f_{n-2} x^{n-2} + \dots + f_0$,


then


$x f(x) = f_{n-1} x^n + f_{n-2} x^{n-1} + \dots + f_0 x$

must also be a code word since it is still a multiple of g (x). Since $x^n \bmod (x^n - 1) = 1$,
$x f(x) \bmod (x^n - 1) = f_{n-2} x^{n-1} + \dots + f_0 x + f_{n-1}$. If f (x) is
represented in the vector form $f(x) = (f_0, f_1, \dots, f_{n-1})$, then
$x f(x) = (f_{n-1}, f_0, f_1, \dots, f_{n-2})$ is just a cyclic shift of the vector f (x). This is why these
are called cyclic codes.


V. BOSE-CHAUDHURI-HOCQUENGHEM CODES 
A. Definition 

BCH codes are cyclic codes with symbols in GF(p) and can most easily be
described in terms of their generator polynomials. Let $\alpha$ be an element of an
extension field $GF(p^m)$, for example, a root of a primitive polynomial of order
m over GF(p) and let $m_0$ be an arbitrary integer. Then the generator polynomial
g (x) is the polynomial of smallest degree that has

$\alpha^{m_0}, \alpha^{m_0 + 1}, \dots, \alpha^{m_0 + d - 2}$

as roots. Since each code vector f (x) is a multiple of g (x), these must also be
roots of f (x). The cases where $m_0 = 0$ or 1 are most frequently used. If $m_0 = 0$
then 1 is a root of f (x) so that



which corresponds to a simple parity check. The code length n is the smallest
integer such that g(x) divides $x^n - 1$. It can be shown [18] that n is the order
of $\alpha$ for d > 2, for example, $n = p^m - 1$ if $\alpha$ is primitive. The code vectors
are the set of all polynomials of the form $q(x) g(x) \bmod (x^n - 1)$.


Example 19. 

Let $\alpha$ be a root of the primitive polynomial $x^3 + x + 1$ as in Example 14.
Then the code length is $n = 2^3 - 1 = 7$. Let $m_0 = 1$ and d = 3. Then $\alpha$ and $\alpha^2$
must be roots of g (x). According to Corollary 1, if $\alpha$ is a root of polynomial
then $\alpha^2$ is also a root. Therefore $g(x) = x^3 + x + 1$ and the code vectors
contain four information symbols and three check symbols. For example, let
the information symbols be $x^6 + x^3$, then


                    x^3 + x
              -------------------
x^3 + x + 1 ) x^6 + 0 + 0 + x^3
              x^6 + x^4 + x^3
              -------------------
                    x^4 + x^2 + x
                    -------------
                          x^2 + x


Therefore the check symbols are $x^2 + x$ and the code vector becomes
$f(x) = x + x^2 + x^3 + x^6 = (0, 1, 1, 1, 0, 0, 1)$

As an exercise the reader might show that for d > 3 the code becomes degenerate
and consists only of check symbols.

Stenbit [22] has calculated the generator polynomials for all nontrivial
BCH codes up to length 255 with $m_0 = 1$ and $\alpha$ a primitive element. Peterson
[18] contains a table of irreducible polynomials over GF (2) and minimum polynomials
for powers of primitive elements which can be used for calculating
the generator polynomials for additional codes.


B. Distance Structure 

It can be shown [18] that the minimum Hamming distance of the BCH codes
is at least d. Therefore to insure that the codes are capable of correcting t
errors d must be chosen to be at least 2t + 1. These codes will then detect
2t = d - 1 or less errors.

For binary codes when $m_0 = 1$ and d = 2t + 1,


must be roots of $g(x)$. Since every even power of $\alpha$ is a root of the minimum
polynomial of some odd power of $\alpha$, $g(x)$ is the least common multiple of $m_1(x)$,
$m_3(x), \ldots, m_{2t-1}(x)$. If $\alpha$ is an element of $GF(2^m)$, then each minimum
polynomial has order $m$ or less and $g(x)$ is the product of at most $t$ polynomials
of order $m$ so that the order of $g(x)$ is at most $mt$. Therefore if $\alpha$ is a
primitive root, $g(x)$ generates a code of length $2^m - 1$ with at most $mt$ check digits.

The generator polynomials for codes with various $t$ and $n$ are given in Stenbit [22].

If $g(x)$ has order $n - k$, where $k$ is the number of information symbols,
the BCH codes will also detect all bursts of length $n - k$ or less. A burst of
length $L$ is an error pattern of the form

$$x^r \left(b_0 + b_1 x + \cdots + b_{L-1} x^{L-1}\right) = x^r B(x)$$

where the $b_i$'s are elements of $GF(p)$ and $b_0 \neq 0$, $b_{L-1} \neq 0$. Since $x^r$ is not divisible
by $g(x)$ because no root of $g(x)$ raised to the $r$th power is zero and $B(x)$ is not
divisible by $g(x)$ if $L \le n - k$, the burst cannot be a code vector.

It should also be observed that if $m_0 = 1$ and $d = 3$ with $\alpha$ a primitive root,
the BCH codes are equivalent to the well known Hamming codes. In this case
$\alpha$ and $\alpha^2$ must be roots of $g(x)$ so that $g(x)$ is just the primitive polynomial
with $\alpha$ as its root as in Example 19.


C. Error Detection 

Since each transmitted code vector $f(x)$ is a multiple of $g(x)$ it is only
necessary to divide the received vector by $g(x)$ to check for errors. If a
detectable error has occurred the remainder will not be zero. If no error or an
undetectable error has occurred the remainder will be zero. The division can
be performed by shifting $f(x)$ into the division circuit shown in Fig. 1.
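
The encoding of Example 19, the remainder test of Section C and the burst-detection claim of Section B can be checked together. The Python sketch below is an added example, not part of the original report; it stores a polynomial over GF(2) as an integer (bit i is the coefficient of x^i), and all function names are assumptions of this example.

```python
# Added example (not from the report). A GF(2) polynomial is an int: bit i = coeff of x^i.
G = 0b1011        # g(x) = x^3 + x + 1 from Example 19
N, K = 7, 4       # code length n and number of information symbols k

def poly_mod(a, g):
    """Remainder of a(x) divided by g(x) over GF(2) (long division by XOR)."""
    dg = g.bit_length() - 1
    while a.bit_length() - 1 >= dg:
        a ^= g << (a.bit_length() - 1 - dg)
    return a

def encode(info):
    """Information symbols go to x^3..x^6; the remainder fills x^0..x^2."""
    shifted = info << (N - K)
    return shifted ^ poly_mod(shifted, G)

def as_vector(f):
    """Coefficients (f_0, ..., f_6), the order used in Example 19."""
    return tuple((f >> i) & 1 for i in range(N))

def has_detectable_error(received):
    """Section C: a nonzero remainder modulo g(x) flags an error."""
    return poly_mod(received, G) != 0

def bursts(max_len):
    """Every burst x^r B(x) with b_0 = b_{L-1} = 1 and L <= max_len inside N bits."""
    for L in range(1, max_len + 1):
        for inner in range(1 << max(L - 2, 0)):
            B = 1 if L == 1 else (1 << (L - 1)) | (inner << 1) | 1
            for r in range(N - L + 1):
                yield B << r

def min_distance():
    """Minimum weight of the nonzero code vectors, equal to the minimum distance."""
    return min(bin(encode(i)).count("1") for i in range(1, 1 << K))

codeword = encode(0b1001)          # information symbols x^6 + x^3
# Bursts one symbol longer than n - k that slip through: the shifts of g(x) itself.
undetected = [b for b in bursts(N - K + 1) if not has_detectable_error(b)]
```

Every burst of length $n - k = 3$ or less leaves a nonzero remainder, while a burst of length 4 equal to a shift of $g(x)$ is itself a code vector and is not detected.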

D. Error Correction 

All known error correction schemes are based on Newton's identities
relating the elementary symmetric functions to the power sum symmetric
functions. Since these relations are not clearly explained in the literature on
BCH codes, they will be derived here using the method of Bocher [3]. With
this background the reader should be able to understand the literature [9, 11, 15,
17, 18, 24, 25] without serious difficulty and therefore these decoding methods
will not be discussed here.

Definition: Elementary Symmetric Functions 

Given a set of numbers $x_1, \ldots, x_n$, the polynomial

$$\sigma(x) = (x - x_1)(x - x_2) \cdots (x - x_n)$$

$$= x^n - \sigma_1 x^{n-1} + \sigma_2 x^{n-2} - \cdots + (-1)^n \sigma_n$$

is formed. The coefficients $\sigma_1, \ldots, \sigma_n$ are defined as the elementary
symmetric functions of $x_1, \ldots, x_n$. If the $\sigma_i$'s are calculated, it is found
that

$$\sigma_1 = \sum_i x_i$$

$$\sigma_2 = \sum x_i x_j \quad \text{for all different combinations of } i \text{ and } j$$

$$\sigma_3 = \sum x_i x_j x_k \quad \text{for all different combinations of } i, j, k.$$

If any two numbers $x_i$ and $x_j$ are interchanged the values of the symmetric
functions remain the same. Therefore the functions $\sigma_1, \ldots, \sigma_n$ are said
to be symmetric with respect to the variables $x_1, \ldots, x_n$.


Definition: Power Sum Symmetric Functions 

Given the set of numbers $x_1, \ldots, x_n$, the $k$th power sum symmetric
function of these numbers is defined to be

$$S_k = \sum_{i=1}^{n} x_i^k$$


The elementary symmetric functions and power sum symmetric functions
are related by a set of linear equations known as Newton's identities. Using the
factored form of $\sigma(x)$

$$\frac{d\sigma}{dx} = \frac{\sigma}{x - x_1} + \frac{\sigma}{x - x_2} + \cdots + \frac{\sigma}{x - x_n}$$

Since

$$\sigma(x_i) = 0$$

$$\sigma(x) = (x^n - x_i^n) - \sigma_1 (x^{n-1} - x_i^{n-1}) + \cdots$$

and

$$\frac{\sigma(x)}{x - x_i} = x^{n-1} + (x_i - \sigma_1)\, x^{n-2} + (x_i^2 - \sigma_1 x_i + \sigma_2)\, x^{n-3} + \cdots$$

and

$$\frac{d\sigma}{dx} = n x^{n-1} + (S_1 - n\sigma_1)\, x^{n-2} + (S_2 - \sigma_1 S_1 + n\sigma_2)\, x^{n-3} + \cdots$$

From the unfactored form

$$\frac{d\sigma}{dx} = n x^{n-1} - (n - 1)\,\sigma_1 x^{n-2} + (n - 2)\,\sigma_2 x^{n-3} + \cdots$$

Equating coefficients of like powers of $x$ in these two expressions gives

$$S_1 - n\sigma_1 = -(n - 1)\,\sigma_1$$

$$S_2 - \sigma_1 S_1 + n\sigma_2 = (n - 2)\,\sigma_2$$

$$\vdots$$

$$S_{n-1} - \sigma_1 S_{n-2} + \sigma_2 S_{n-3} - \cdots + (-1)^{n-1}\, n\,\sigma_{n-1} =$$
or

$$S_1 - \sigma_1 = 0$$

$$S_2 - \sigma_1 S_1 + 2\sigma_2 = 0$$

$$\vdots$$

$$S_{n-1} - \sigma_1 S_{n-2} + \sigma_2 S_{n-3} - + \cdots + (-1)^{n-1} (n - 1)\,\sigma_{n-1} = 0$$


VI. SHORTENED BCH CODES

Codes of length different from $p^m - 1$ may be desired owing to equipment or
format specifications. These are easily obtained by simply making some of the
initial information symbols 0 in an unshortened BCH code and not transmitting
these symbols. Since the shortened words are still code vectors, the minimum
Hamming distance remains unchanged so that the error correction and detection
capabilities are unchanged. Encoding and decoding procedures for the natural
length codes also apply to the shortened codes.

An alternative method for obtaining codes of different length is to choose $\alpha$
as a nonprimitive element of $GF(p^m)$. A table of some binary BCH codes
generated by nonprimitive elements can be found in Peterson [18].
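
The derivation of Newton's identities above can be followed numerically. The Python sketch below is an added example, not part of the original report: it computes $d\sigma/dx$ once from the factored form (by actually dividing $\sigma(x)$ by each $x - x_i$) and once from the unfactored form, then evaluates the final identities. The sample integers in the test and all function names are assumptions of this example.

```python
# Added example (not from the report): Newton's identities checked on integer samples.
from itertools import combinations
from math import prod

def elementary(xs):
    """[sigma_0, ..., sigma_n]: sigma_k is the sum of all products of k distinct x_i."""
    return [sum(prod(c) for c in combinations(xs, k)) for k in range(len(xs) + 1)]

def power_sum(xs, k):
    """S_k = sum over i of x_i^k."""
    return sum(x ** k for x in xs)

def derivative_unfactored(xs):
    """Coefficients of d(sigma)/dx, highest power first, from the expanded sigma(x)."""
    n, sig = len(xs), elementary(xs)
    return [(-1) ** j * (n - j) * sig[j] for j in range(n)]

def derivative_from_factors(xs):
    """Same coefficients as the sum over i of sigma(x)/(x - x_i)."""
    n, sig = len(xs), elementary(xs)
    coeffs = [(-1) ** j * sig[j] for j in range(n + 1)]   # sigma(x), highest power first
    total = [0] * n
    for xi in xs:
        acc = 0
        for j in range(n):                # synthetic division of sigma(x) by (x - xi)
            acc = acc * xi + coeffs[j]
            total[j] += acc
    return total

def newton_residual(xs, k):
    """S_k - sigma_1 S_{k-1} + ... + (-1)^k k sigma_k, which the identities set to 0."""
    sig = elementary(xs)
    head = sum((-1) ** j * sig[j] * power_sum(xs, k - j) for j in range(k))
    return head + (-1) ** k * k * sig[k]
```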
APPENDIX 1

Example of Triple Error Correcting (15, 5) BCH Code


Let $\alpha$ be a root of the primitive polynomial $m_1(x) = x^4 + x + 1$. Then any
element in $GF(2^4)$ can be represented in the form

$$c_0 + c_1 \alpha + c_2 \alpha^2 + c_3 \alpha^3.$$

A table for the representation is shown below.

Element          c_0  c_1  c_2  c_3
$1$               1    0    0    0
$\alpha$          0    1    0    0
$\alpha^2$        0    0    1    0
$\alpha^3$        0    0    0    1
$\alpha^4$        1    1    0    0
$\alpha^5$        0    1    1    0
$\alpha^6$        0    0    1    1
$\alpha^7$        1    1    0    1
$\alpha^8$        1    0    1    0
$\alpha^9$        0    1    0    1
$\alpha^{10}$     1    1    1    0
$\alpha^{11}$     0    1    1    1
$\alpha^{12}$     1    1    1    1
$\alpha^{13}$     1    0    1    1
$\alpha^{14}$     1    0    0    1
$\alpha^{15}$     1    0    0    0

Representation of $GF(2^4)$.
According to Theorem II, $\alpha$, $\alpha^2$, $\alpha^4$ and $\alpha^8$ are all roots of the same
polynomial. Therefore the minimum polynomial for each of these elements is
$m_1(x) = x^4 + x + 1$.

$\alpha^3$, $\alpha^6$, $\alpha^{12}$, and $\alpha^{24} = \alpha^9$ all must be roots of the minimum polynomial
$m_3(x)$ for $\alpha^3$. If

$$m_3(x) = c_0 + c_1 x + c_2 x^2 + c_3 x^3 + x^4$$

then

$$m_3(\alpha^3) = c_0 + c_1 \alpha^3 + c_2 \alpha^6 + c_3 \alpha^9 + \alpha^{12} = 0$$

or according to the table

$$
c_0 \begin{bmatrix} 1 \\ 0 \\ 0 \\ 0 \end{bmatrix}
+ c_1 \begin{bmatrix} 0 \\ 0 \\ 0 \\ 1 \end{bmatrix}
+ c_2 \begin{bmatrix} 0 \\ 0 \\ 1 \\ 1 \end{bmatrix}
+ c_3 \begin{bmatrix} 0 \\ 1 \\ 0 \\ 1 \end{bmatrix}
+ \begin{bmatrix} 1 \\ 1 \\ 1 \\ 1 \end{bmatrix}
= \begin{bmatrix} 0 \\ 0 \\ 0 \\ 0 \end{bmatrix}
$$


The solution of this set of four equations is

$$c_0 = 1, \quad c_1 = 1, \quad c_2 = 1, \quad \text{and} \quad c_3 = 1$$

so

$$m_3(x) = 1 + x + x^2 + x^3 + x^4.$$

$\alpha^5$ and $\alpha^{10}$ are the roots of

$$m_5(x) = (x - \alpha^5)(x - \alpha^{10}) = x^2 + (\alpha^5 + \alpha^{10})\, x + \alpha^{15} = x^2 + x + 1$$

Let $m_0 = 1$ and $d = 7$, then $\alpha, \alpha^2, \ldots, \alpha^6$ must be roots of $g(x)$.
Therefore

$$g(x) = m_1(x)\, m_3(x)\, m_5(x) = x^{10} + x^8 + x^5 + x^4 + x^2 + x + 1$$
The minimum polynomials could have been found directly from the tables in
Peterson [18] and $g(x)$ from Stenbit [22].
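
The construction in this appendix can be reproduced mechanically. The Python sketch below is an added example, not part of the original report: it rebuilds the $GF(2^4)$ table from $\alpha^4 = \alpha + 1$, forms each minimum polynomial as the product of $(x - \alpha^e)$ over the conjugate roots, and multiplies the distinct ones into $g(x)$. Field elements and GF(2) polynomials are stored as integers (bit i is $c_i$ or the coefficient of $x^i$); all names are assumptions of this example.

```python
# Added example (not from the report). Bit i of an element is c_i from the table.
PRIM = 0b10011                          # m_1(x) = x^4 + x + 1
EXP = [1]                               # EXP[i] = alpha^i
for _ in range(14):
    v = EXP[-1] << 1                    # multiply by alpha, then reduce with alpha^4 = alpha + 1
    EXP.append(v ^ PRIM if v & 0b10000 else v)
LOG = {v: i for i, v in enumerate(EXP)}

def coords(i):
    """Table row (c_0, c_1, c_2, c_3) for alpha^i."""
    return tuple((EXP[i % 15] >> j) & 1 for j in range(4))

def gf_mul(a, b):
    return 0 if a == 0 or b == 0 else EXP[(LOG[a] + LOG[b]) % 15]

def conjugates(i):
    """Exponents i, 2i, 4i, ... mod 15: the roots sharing one minimum polynomial."""
    seen, e = [], i % 15
    while e not in seen:
        seen.append(e)
        e = (2 * e) % 15
    return seen

def min_poly(i):
    """Minimum polynomial of alpha^i as a GF(2) bitmask."""
    poly = [1]                          # GF(16) coefficients, lowest power first
    for e in conjugates(i):
        nxt = [0] * (len(poly) + 1)
        for j, c in enumerate(poly):    # multiply by (x + alpha^e); minus is plus in GF(2^m)
            nxt[j + 1] ^= c
            nxt[j] ^= gf_mul(c, EXP[e])
        poly = nxt
    assert all(c in (0, 1) for c in poly)   # the coefficients collapse into GF(2)
    return sum(c << j for j, c in enumerate(poly))

def gf2_mul(a, b):
    """Carry-less product of two GF(2) polynomials."""
    out = 0
    while b:
        out ^= a if b & 1 else 0
        a, b = a << 1, b >> 1
    return out

def generator(d, m0=1):
    """g(x): product of the distinct minimum polynomials of alpha^m0 .. alpha^(m0+d-2)."""
    g, covered = 1, set()
    for i in range(m0, m0 + d - 1):
        if i % 15 not in covered:
            covered.update(conjugates(i))
            g = gf2_mul(g, min_poly(i))
    return g
```

`generator(7)` reproduces the degree-10 $g(x)$ of the (15, 5) code, and `generator(3)` returns $m_1(x)$, the Hamming-code case noted under Distance Structure.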

The circuit shown in Figure 5 can be used for encoding. The five information
digits are simultaneously shifted into the register and transmitted over the
channel. Since this circuit automatically premultiplies its input by $x^{10}$, the
check bits $I(x) \bmod g(x)$ remain in the register after the information bits have
been shifted into it. The feedback is then disabled and the check bits are
transmitted over the channel.

An identical circuit can be used for error detection except that the entire 15
bit received vector $r(x)$ is shifted into the register. The circuit calculates
$x^{10}\, r(x) \bmod g(x)$. For error correction, the input must be added into the first
stage of the register rather than at the end so that $r(x) \bmod g(x)$ is calculated.



Figure 5. Encoding Circuit for (15, 5) BCH Codes